Misc Thread Archive from Usenet.com

REVIEW: "Intrusion Detection with Snort", Rafeeq Ur Rehman



BKIDWSAI.RVW   20030902

"Intrusion Detection with Snort", Rafeeq Ur Rehman, 2003,
0-13-140733-3, U$39.99/C$62.99
%A   Rafeeq Ur Rehman
%C   One Lake St., Upper Saddle River, NJ   07458
%D   2003
%G   0-13-140733-3
%I   Prentice Hall
%O   U$39.99/C$62.99 +1-201-236-7139 fax: +1-201-236-7131
%O  http://www.amazon.com/exec/obidos/ASIN/0131407333/robsladesinterne
  http://www.amazon.co.uk/exec/obidos/ASIN/0131407333/robsladesinte-21
%O   http://www.amazon.ca/exec/obidos/ASIN/0131407333/robsladesin03-20
%P   263 p.
%T   "Intrusion Detection with Snort"

Chapter one is a very simple introduction to intrusion detection and
Snort.  Beginning with a brief look at topology, chapter two runs
through an installation of Snort, but does not provide much in the way
of explanation or recommendation at the various points.  The coverage
of Snort rule creation and syntax, in chapter three, is clear and
reasonable, but could use more examples of malicious packets and how
they might be identified.  Chapter four does explain some exploit
rules, in discussing preprocessors, but briefly, and then goes on to
output options.  Chapters five, six, and seven describe MySQL, ACID
(Analysis Console for Intrusion Databases), and other tools for using
Snort in conjunction with collected information.

This is a decent printed documentation for the system, but not much
more.

copyright Robert M. Slade, 2003   BKIDWSAI.RVW   20030902

-- 
====================== 
[EMAIL PROTECTED]      [EMAIL PROTECTED]      [EMAIL PROTECTED]
"If you do buy a computer, don't turn it on."     - Richards' 2nd Law
============= for back issues:
[Base URL] site http://victoria.tc.ca/techrev/
      or mirror http://sun.soci.niu.edu/~rslade/
CISSP refs:     [Base URL]mnbksccd.htm
Security Dict.: [Base URL]secgloss.htm
Security Educ.: [Base URL]comseced.htm
Book reviews:   [Base URL]mnbk.htm
                [Base URL]review.htm
Partial/recent: http://groups.yahoo.com/group/techbooks/
Security Educ.: http://groups.yahoo.com/group/comseced/
Review mailing list: send mail to [EMAIL PROTECTED]



